T 5.164 Misuse of programming interfaces in Outlook

For reasons of interoperability, many software manufacturers equip their tools and applications with programming interfaces, e. g. as Application Programming Interface (API). These allow the use of certain functions from other programs or extension of the scope of functions of the application. Along with the benefit of the programming interfaces, they can also be used in order to develop malware and they can trigger the harmful effect of the malware via APIs.

For Microsoft Outlook, programming interfaces are offered which the users can use to write their own applications or functional extensions (macros) that can send and receive messages, appointments, and tasks using the client. In this way, Microsoft Outlook may be misused for distributing malware.

Example:

• An insider with programming experience develops a tool which regularly browses the shared directories of the corporate network with certain search patterns, e.g. "Patent application", and automatically sends found files to a competitor using Microsoft Outlook.
• A harmful macro deletes emails from the mailbox of a user without the user noticing it. The user is not able to react to enquiries in a timely manner, leading to customer complaints.